#include <openssl/bn.h>
#include <openssl/cms.h>
#include <openssl/core_names.h>
-#include "internal/param_build.h"
+#include <openssl/param_build.h>
#include "crypto/asn1.h"
#include "crypto/evp.h"
#include "crypto/rsa.h"
DEFINE_SPECIAL_STACK_OF_CONST(BIGNUM_const, BIGNUM)
static int rsa_pkey_export_to(const EVP_PKEY *from, void *to_keydata,
- EVP_KEYMGMT *to_keymgmt)
+ EVP_KEYMGMT *to_keymgmt, OPENSSL_CTX *libctx,
+ const char *propq)
{
RSA *rsa = from->pkey.rsa;
- OSSL_PARAM_BLD tmpl;
+ OSSL_PARAM_BLD *tmpl = OSSL_PARAM_BLD_new();
const BIGNUM *n = RSA_get0_n(rsa), *e = RSA_get0_e(rsa);
const BIGNUM *d = RSA_get0_d(rsa);
STACK_OF(BIGNUM_const) *primes = NULL, *exps = NULL, *coeffs = NULL;
int selection = 0;
int rv = 0;
+ if (tmpl == NULL)
+ return 0;
/*
* If the RSA method is foreign, then we can't be sure of anything, and
* can therefore not export or pretend to export.
*/
if (RSA_get_method(rsa) != RSA_PKCS1_OpenSSL())
- return 0;
+ goto err;
/* Public parameters must always be present */
if (n == NULL || e == NULL)
goto err;
- ossl_param_bld_init(&tmpl);
-
/* |e| and |n| are always present */
- if (!ossl_param_bld_push_BN(&tmpl, OSSL_PKEY_PARAM_RSA_E, e))
+ if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_RSA_E, e))
goto err;
- if (!ossl_param_bld_push_BN(&tmpl, OSSL_PKEY_PARAM_RSA_N, n))
+ if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_RSA_N, n))
goto err;
selection |= OSSL_KEYMGMT_SELECT_PUBLIC_KEY;
&& (numprimes < 2 || numexps < 2 || numcoeffs < 1))
goto err;
- /* assert that an OSSL_PARAM_BLD has enough space. */
- if (!ossl_assert(/* n, e */ 2 + /* d */ 1 + /* numprimes */ 1
- + numprimes + numexps + numcoeffs
- <= OSSL_PARAM_BLD_MAX))
- goto err;
-
- if (!ossl_param_bld_push_BN(&tmpl, OSSL_PKEY_PARAM_RSA_D, d))
+ if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_RSA_D, d))
goto err;
selection |= OSSL_KEYMGMT_SELECT_PRIVATE_KEY;
- for (i = 0; i < numprimes; i++) {
+ for (i = 0; i < numprimes && rsa_mp_factor_names[i] != NULL; i++) {
const BIGNUM *num = sk_BIGNUM_const_value(primes, i);
- if (!ossl_param_bld_push_BN(&tmpl, OSSL_PKEY_PARAM_RSA_FACTOR,
- num))
+ if (!OSSL_PARAM_BLD_push_BN(tmpl, rsa_mp_factor_names[i], num))
goto err;
}
- for (i = 0; i < numexps; i++) {
+ for (i = 0; i < numexps && rsa_mp_exp_names[i] != NULL; i++) {
const BIGNUM *num = sk_BIGNUM_const_value(exps, i);
- if (!ossl_param_bld_push_BN(&tmpl, OSSL_PKEY_PARAM_RSA_EXPONENT,
- num))
+ if (!OSSL_PARAM_BLD_push_BN(tmpl, rsa_mp_exp_names[i], num))
goto err;
}
- for (i = 0; i < numcoeffs; i++) {
+ for (i = 0; i < numcoeffs && rsa_mp_coeff_names[i] != NULL; i++) {
const BIGNUM *num = sk_BIGNUM_const_value(coeffs, i);
- if (!ossl_param_bld_push_BN(&tmpl, OSSL_PKEY_PARAM_RSA_COEFFICIENT,
- num))
+ if (!OSSL_PARAM_BLD_push_BN(tmpl, rsa_mp_coeff_names[i], num))
goto err;
}
}
- if ((params = ossl_param_bld_to_param(&tmpl)) == NULL)
+ if ((params = OSSL_PARAM_BLD_to_param(tmpl)) == NULL)
goto err;
/* We export, the provider imports */
sk_BIGNUM_const_free(primes);
sk_BIGNUM_const_free(exps);
sk_BIGNUM_const_free(coeffs);
- ossl_param_bld_free(params);
+ OSSL_PARAM_BLD_free_params(params);
+ OSSL_PARAM_BLD_free(tmpl);
return rv;
}
+static int rsa_pkey_import_from(const OSSL_PARAM params[], void *vpctx)
+{
+ EVP_PKEY_CTX *pctx = vpctx;
+ EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(pctx);
+ RSA *rsa = rsa_new_with_ctx(pctx->libctx);
+
+ if (rsa == NULL) {
+ ERR_raise(ERR_LIB_DH, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+
+ if (!rsa_fromdata(rsa, params)
+ || !EVP_PKEY_assign_RSA(pkey, rsa)) {
+ RSA_free(rsa);
+ return 0;
+ }
+ return 1;
+}
+
const EVP_PKEY_ASN1_METHOD rsa_asn1_meths[2] = {
{
EVP_PKEY_RSA,
0, 0, 0, 0,
rsa_pkey_dirty_cnt,
- rsa_pkey_export_to
+ rsa_pkey_export_to,
+ rsa_pkey_import_from
},
{
0, 0, 0, 0,
rsa_pkey_dirty_cnt,
- rsa_pkey_export_to
+ rsa_pkey_export_to,
+ rsa_pkey_import_from
};